[Freeipa-users] IPA and FIPS 140-2
Anon Lister
listeranon at gmail.com
Thu Aug 4 16:39:32 UTC 2016
Sorry, certified openssl implementation*
On Aug 4, 2016 9:38 AM, "Anon Lister" <listeranon at gmail.com> wrote:
> I'd also like to throw in that the requirements you are facing are likely
> requiring FIPS Certified, not just compliant, as I'm somewhat familiar with
> them. (800-53 or 800-171)
>
> Essentially it will have to fall back on the FIPS compliant openssl
> implementation, however I believe there are other crypto routines used in
> free IPA that are used to protect the confidentiality of information? Can
> we get a response from devs on that?
>
> The crypto only has to be FIPS if protecting confidentiality is its use.
> Crypto protecting integrity only does not need to be FIPS.
>
> On Aug 4, 2016 9:27 AM, "Michael Sean Conley" <
> Michael.Sean.Conley at raytheon.com> wrote:
>
> Does ANYONE have any experience getting IPA to work with FIPS?
>
> We're trying desperately to get this going, as we have some requirements
> that the Identity Management Tool we choose must be FIPS 140-2 compliant.
>
> AAAARRRRGGHHH
>
> *Michael Sean Conley*
>
> --
> Manage your subscription for the Freeipa-users mailing list:
> https://www.redhat.com/mailman/listinfo/freeipa-users
> Go to http://freeipa.org for more info on the project
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160804/ca5aa9c0/attachment.htm>
More information about the Freeipa-users
mailing list